page publicitaire qui s'ouvre • page 2

[taz66410]

oui apparament mdr

[jeanmimigab]

lol,

refais un scan OTL exactement comme tu l'as fais la première fois stp...

Note:cette fois ci tu n'auras pas de rapport Extra.txt

[taz66410]

voila le rapport

Code: Tout sélectionner

OTL logfile created on: 15/11/2010 18:27:25 - Run 2
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Documents and Settings\personne\Bureau
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 0000040C | Country: France | Language: FRA | Date Format: dd/MM/yyyy
 
511,00 Mb Total Physical Memory | 81,00 Mb Available Physical Memory | 16,00% Memory free
1,00 Gb Paging File | 1,00 Gb Available in Paging File | 65,00% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 29,75 Gb Free Space | 39,92% Space Free | Partition Type: NTFS
Drive E: | 298,02 Gb Total Space | 277,52 Gb Free Space | 93,12% Space Free | Partition Type: FAT32
 
Computer Name: PERSONNE-94C4EB | User Name: personne | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2010/11/14 23:57:08 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\personne\Bureau\OTL.exe
PRC - [2010/11/06 21:42:19 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\personne\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
PRC - [2010/10/29 16:04:10 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/10/29 16:04:07 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/09/22 16:48:36 | 000,858,624 | ---- | M] (Orange) -- C:\Documents and Settings\personne\Application Data\Orange\OrangeInside\one\OrangeInside.exe
PRC - [2010/04/16 18:36:42 | 000,026,480 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2010/02/18 10:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
PRC - [2010/01/15 13:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/10/15 09:54:06 | 000,357,696 | ---- | M] (SFR) -- C:\Program Files\SFR\Kit\WiFi\9wifi.exe
PRC - [2009/10/15 09:53:54 | 000,959,808 | ---- | M] (SFR) -- C:\Program Files\SFR\Kit\9props.exe
PRC - [2009/05/19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/03/21 00:28:56 | 000,157,336 | ---- | M] () -- C:\Program Files\GIMP-2.0\lib\gimp\2.0\plug-ins\script-fu.exe
PRC - [2009/03/21 00:19:58 | 004,604,056 | ---- | M] () -- C:\Program Files\GIMP-2.0\bin\gimp-2.6.exe
PRC - [2009/03/10 21:18:20 | 000,970,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaTray.exe
PRC - [2008/12/04 13:24:30 | 000,665,424 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2007/07/16 11:54:10 | 000,025,264 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe
PRC - [2007/07/16 11:54:08 | 000,434,864 | ---- | M] () -- C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe
PRC - [2007/06/13 14:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/06/11 09:14:52 | 000,517,040 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdicoms.exe
PRC - [2007/06/11 09:14:42 | 000,099,248 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxdiserv.exe
PRC - [2007/03/06 16:58:16 | 001,060,376 | ---- | M] () -- C:\Program Files\Labtec\WebCam10\WebCam10.exe
PRC - [2007/03/06 16:51:26 | 000,252,704 | ---- | M] (Labtec Inc.) -- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
PRC - [2007/03/06 16:48:46 | 000,488,984 | ---- | M] (Labtec Inc,) -- C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
PRC - [2006/08/04 14:24:30 | 000,610,304 | ---- | M] (Hama GmbH & Co KG) -- C:\Program Files\Hama\Common\RaUI.exe
PRC - [2004/08/19 15:10:00 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntvdm.exe
PRC - [2002/06/14 10:21:30 | 000,046,592 | ---- | M] (Avance Logic, Inc.) -- C:\WINDOWS\SOUNDMAN.EXE
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - [2010/11/14 23:57:08 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\personne\Bureau\OTL.exe
MOD - [2006/08/25 16:51:12 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - [2010/01/15 13:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009/05/19 10:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2007/06/11 09:14:52 | 000,517,040 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxdicoms.exe -- (lxdi_device)
SRV - [2007/06/11 09:14:42 | 000,099,248 | ---- | M] () [Auto | Running] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxdiserv.exe -- (lxdiCATSCustConnectService)
SRV - [2007/03/06 16:55:24 | 000,105,248 | ---- | M] (Labtec Inc.) [Auto | Stopped] -- C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - [2008/11/12 11:53:38 | 000,101,120 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/11/12 11:53:38 | 000,099,840 | R--- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2007/11/13 22:29:24 | 000,095,744 | R--- | M] (Option NV) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Gt51Ip.sys -- (GT72NDISIPXP)
DRV - [2007/11/13 22:29:24 | 000,051,968 | R--- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gt72ubus.sys -- (GT72UBUS)
DRV - [2007/11/13 22:29:24 | 000,008,064 | R--- | M] (Option N.V.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gtptser.sys -- (GTPTSER)
DRV - [2007/03/06 16:54:40 | 000,041,376 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007/03/06 16:52:46 | 002,261,792 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007/03/06 16:50:30 | 001,669,664 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2007/03/06 16:49:20 | 000,491,168 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\LV561AV.SYS -- (PID_0928) Logitech QuickCam Express(PID_0928)
DRV - [2006/09/28 22:41:46 | 000,247,808 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\netr73.sys -- (netr73)
DRV - [2006/09/06 04:36:42 | 000,187,392 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8187.sys -- (RTLWUSB)
DRV - [2006/03/01 17:53:54 | 000,032,128 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcandis5.sys -- (PCANDIS5)
DRV - [2006/01/12 20:46:28 | 000,252,928 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2005/11/19 02:13:18 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PCASp50.sys -- (PCASp50)
DRV - [2004/08/04 00:08:22 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004/08/03 22:03:36 | 000,088,448 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2004/08/03 21:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2003/09/23 09:38:34 | 000,034,688 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pcampr5.sys -- (PCAMPR5)
DRV - [2002/08/30 13:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2002/08/30 13:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2002/06/20 15:39:04 | 000,472,576 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2002/06/12 10:42:44 | 000,654,604 | ---- | M] (Avance Logic, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) Service for Avance AC97 Audio (WDM)
DRV - [2002/05/22 09:11:08 | 000,027,392 | R--- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2001/08/17 23:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2001/08/17 21:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-854245398-1078081533-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-854245398-1078081533-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-854245398-1078081533-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-854245398-1078081533-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-854245398-1078081533-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKU\S-1-5-21-854245398-1078081533-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-854245398-1078081533-1801674531-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-854245398-1078081533-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "Bing"
FF - prefs.js..browser.search.defaultthis.engineName: "Messenger Plus Live France Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://fr.msn.com/"
FF - prefs.js..extensions.enabledItems: {59994074-c06d-4a75-9768-49e5a8c21264}:2.5.8.6
FF - prefs.js..extensions.enabledItems: {b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}:2.6.0.15
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3
FF - prefs.js..extensions.enabledItems: faceplus@face-plus.com:1.17
FF - prefs.js..extensions.enabledItems: {4D9AE42B-F4C0-40e6-AEDB-4EC6E42B77AF}:1.2.1.0
FF - prefs.js..extensions.enabledItems: {E6768F2A-D4C3-457D-A1A8-3472BF16267D}:Build 320
FF - prefs.js..extensions.enabledItems: menu_contextuel_orange@orange.fr:1.0
FF - prefs.js..keyword.URL: "http://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata="
 
FF - user.js..keyword.URL: "http://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{E6768F2A-D4C3-457D-A1A8-3472BF16267D}: C:\Program Files\orange\ToolbarFR\FirefoxContainer\ [2010/11/06 20:56:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/11/01 22:06:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/10/29 16:04:16 | 000,000,000 | ---D | M]
 
[2008/07/04 08:43:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Mozilla\Extensions
[2010/11/15 13:39:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Mozilla\Firefox\Profiles\w4ao4bqi.default\extensions
[2009/09/08 15:08:35 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\personne\Application Data\Mozilla\Firefox\Profiles\w4ao4bqi.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/07/09 20:17:01 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\personne\Application Data\Mozilla\Firefox\Profiles\w4ao4bqi.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/11/15 13:39:39 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\personne\Application Data\Mozilla\Firefox\Profiles\w4ao4bqi.default\extensions\{364d4e0c-543f-4b85-abe3-19551139da4f}
[2010/11/06 20:48:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\personne\Application Data\Mozilla\Firefox\Profiles\w4ao4bqi.default\extensions\{4D9AE42B-F4C0-40e6-AEDB-4EC6E42B77AF}
[2010/04/01 13:34:33 | 000,000,000 | ---D | M] (Messenger Plus Live France Toolbar) -- C:\Documents and Settings\personne\Application Data\Mozilla\Firefox\Profiles\w4ao4bqi.default\extensions\{59994074-c06d-4a75-9768-49e5a8c21264}
[2010/06/07 17:46:57 | 000,000,000 | ---D | M] (myBabylon English Toolbar) -- C:\Documents and Settings\personne\Application Data\Mozilla\Firefox\Profiles\w4ao4bqi.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}
[2010/08/07 10:06:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Mozilla\Firefox\Profiles\w4ao4bqi.default\extensions\faceplus@face-plus.com
[2010/11/15 16:29:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Mozilla\Firefox\Profiles\w4ao4bqi.default\extensions\menu_contextuel_orange@orange.fr
[2010/06/29 14:13:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Mozilla\Firefox\Profiles\w4ao4bqi.default\extensions\personas@christopher.beard
[2010/11/06 21:42:19 | 000,002,650 | ---- | M] () -- C:\Documents and Settings\personne\Application Data\Mozilla\Firefox\Profiles\w4ao4bqi.default\searchplugins\bing.xml
[2009/08/18 08:50:52 | 000,003,711 | ---- | M] () -- C:\Documents and Settings\personne\Application Data\Mozilla\Firefox\Profiles\w4ao4bqi.default\searchplugins\YouGoo.xml
[2009/09/09 21:24:10 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009/07/17 19:21:00 | 003,883,424 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\NPSWF32.dll
[2010/08/02 12:57:46 | 000,001,516 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-france.xml
[2010/08/02 12:57:46 | 000,001,822 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\cnrtl-tlfi-fr.xml
[2010/08/02 12:57:46 | 000,000,757 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-france.xml
[2010/08/02 12:57:46 | 000,001,426 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-fr.xml
[2010/08/02 12:57:46 | 000,000,956 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-france.xml
 
O1 HOSTS File: ([2010/11/15 13:35:24 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Objet d'aide à la navigation SFR) - {0F6E720A-1A6B-40E1-A294-1D4D19F156C8} - C:\Program Files\SFR\Kit\SFRNavErrorHelper.dll (SFR)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Programme d'aide de l'Assistant de connexion Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (no name) - {4daac69c-cba7-45e2-9bc8-1044483d3352} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (barre d'outils Orange) - {D3028143-6145-4318-99D3-3EDCE54A95A9} - C:\Program Files\orange\ToolbarFR\ToolbarContainer101000320.dll (Orange)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-854245398-1078081533-1801674531-1003\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-854245398-1078081533-1801674531-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Autoconfigurateur WiFi SFR] C:\Program Files\SFR\Kit\WiFi\9wifi.exe (SFR)
O4 - HKLM..\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] C:\Program Files\Orange\IEWInternet\SessionManager\SessionManager.exe File not found
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe (Labtec Inc,)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Labtec\WebCam10\WebCam10.exe ()
O4 - HKLM..\Run: [lxdiamon] C:\Program Files\Lexmark 3500-4500 Series\lxdiamon.exe ()
O4 - HKLM..\Run: [lxdimon.exe] C:\Program Files\Lexmark 3500-4500 Series\lxdimon.exe ()
O4 - HKLM..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe (Silicon Integrated Systems Corp.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Avance Logic, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-854245398-1078081533-1801674531-1003..\Run: [Connexion SFR 9props.exe] C:\Program Files\SFR\Kit\9props.exe (SFR)
O4 - HKU\S-1-5-21-854245398-1078081533-1801674531-1003..\Run: [EPSON SX110 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIFBE.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-854245398-1078081533-1801674531-1003..\Run: [orangeinside] C:\Documents and Settings\personne\Application Data\Orange\OrangeInside\one\OrangeInside.exe (Orange)
O4 - HKU\S-1-5-21-854245398-1078081533-1801674531-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\Hama Wireless LAN Utility.lnk = C:\Program Files\Hama\Common\RaUI.exe (Hama GmbH & Co KG)
O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
O4 - Startup: C:\Documents and Settings\personne\Menu Démarrer\Programmes\Démarrage\Event Reminder.lnk = C:\pmw\PMREMIND.EXE ()
O4 - Startup: C:\Documents and Settings\personne\Menu Démarrer\Programmes\Démarrage\Notification de cadeaux MSN.lnk = C:\Documents and Settings\personne\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-854245398-1078081533-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: ajouter cette page à vos favoris Orange - C:\Documents and Settings\personne\Application Data\Orange\OrangeInside\src\AddFavorites_html\AddFavorites.html ()
O8 - Extra context menu item: envoyer le texte sélectionné par sms - C:\Documents and Settings\personne\Application Data\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html ()
O8 - Extra context menu item: envoyer par sms - C:\Documents and Settings\personne\Application Data\Orange\OrangeInside\src\sendsms_html\sendsms.html ()
O8 - Extra context menu item: envoyer un mail - C:\Documents and Settings\personne\Application Data\Orange\OrangeInside\src\sendmail_html\sendmail.html ()
O8 - Extra context menu item: orange.fr - C:\Documents and Settings\personne\Application Data\Orange\OrangeInside\src\orange_html\orange.html ()
O8 - Extra context menu item: rechercher le texte sélectionné - C:\Documents and Settings\personne\Application Data\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html ()
O8 - Extra context menu item: traduire la page - C:\Documents and Settings\personne\Application Data\Orange\OrangeInside\src\translate_html\translate.html ()
O8 - Extra context menu item: traduire le texte sélectionné - C:\Documents and Settings\personne\Application Data\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html ()
O9 - Extra Button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://go.microsoft.com/fwlink/?linkid=58813 (Office Genuine Advantage Validation Tool)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} http://go.microsoft.com/fwlink/?LinkId=82580 (Microsoft Genuine Advantage Self Support Tool)
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1054559956359 (MUCatalogWebControl Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Fichiers communs\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\x-sdch {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - CLSID or File not found.
O24 - Desktop Components:0 (Ma page d'accueil) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\personne\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\personne\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O30 - LSA: Authentication Packages - (nwprovau) - C:\WINDOWS\System32\nwprovau.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/05/23 17:10:56 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/11/14 23:55:23 | 000,000,000 | ---D | M] - C:\Autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/11/02 19:04:20 | 000,593,088 | ---- | M] () - E:\autowprufordfiesta3door.jpg -- [ FAT32 ]
O32 - AutoRun File - [2010/11/14 23:55:28 | 000,000,000 | ---D | M] - E:\Autorun.inf -- [ FAT32 ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: 6to4 -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
 
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Rendu VML (Vector Graphics Rendering)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Lecteur Windows Media Microsoft 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 11.0.3
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 11.0.3
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Liaison de données Dynamic HTML pour Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Création avancée
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - Classes Java DirectAnimation
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

Code: Tout sélectionner

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} -
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Planificateur de tâches
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Flash Player 8
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: >{CB58DED6-4AF3-4080-9DF1-DEE72075169F} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{DFB17AA8-042A-429D-987C-26CE244A4189} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
 
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Labtec Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.MJPG - C:\WINDOWS\System32\mtkjpeg.dll ()
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2010/11/15 13:49:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\personne\Application Data\Malwarebytes
[2010/11/15 13:49:35 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/15 13:49:34 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/15 13:49:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
[2010/11/15 13:49:33 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/11/15 13:26:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2010/11/14 23:57:01 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\personne\Bureau\OTL.exe
[2010/11/14 23:55:23 | 000,000,000 | ---D | C] -- C:\Autorun.inf
[2010/11/14 23:54:58 | 000,000,000 | ---D | C] -- C:\UsbFix
[2010/11/06 22:08:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\McAfee
[2010/11/06 21:42:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\personne\Bureau\Services Windows Live
[2010/11/06 20:56:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\personne\Local Settings\Application Data\Orange
[2010/11/06 20:49:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\personne\Application Data\Orange
[2010/11/06 12:08:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\personne\Application Data\Floodlight Games
[2010/11/06 12:08:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Floodlight Games
[2010/11/06 11:55:32 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
[2010/11/01 22:07:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee Security Scan
[2010/11/01 22:07:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee
[2010/11/01 22:07:45 | 000,000,000 | ---D | C] -- C:\Program Files\McAfee Security Scan
[2010/11/01 14:25:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\personne\Bureau\photos maeliss et coucher de soleil
[2010/10/19 21:24:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\personne\Application Data\freshgames
[2010/10/19 21:18:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2010/10/19 20:40:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\personne\Local Settings\Application Data\Softonic_France
[2009/07/29 16:51:55 | 000,356,352 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiinpa.dll
[2009/07/29 16:51:55 | 000,311,296 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdihcp.dll
[2009/07/29 16:51:54 | 001,187,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiserv.dll
[2009/07/29 16:51:54 | 000,942,080 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiusb1.dll
[2009/07/29 16:51:54 | 000,614,400 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdipmui.dll
[2009/07/29 16:51:54 | 000,532,480 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdilmpm.dll
[2009/07/29 16:51:54 | 000,339,968 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiiesc.dll
[2009/07/29 16:51:54 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdiprox.dll
[2009/07/29 16:51:54 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdipplc.dll
[2009/07/29 16:51:53 | 000,671,744 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdihbn3.dll
[2009/07/29 16:51:53 | 000,360,448 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdicomm.dll
[2009/07/29 16:51:52 | 000,765,952 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdicomc.dll
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2010/11/15 17:10:20 | 000,050,074 | ---- | M] () -- C:\Documents and Settings\personne\.recently-used.xbel
[2010/11/15 16:28:48 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/15 16:26:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/15 16:26:08 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/15 13:49:38 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/11/15 13:35:24 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2010/11/14 23:57:08 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\personne\Bureau\OTL.exe
[2010/11/12 19:01:00 | 000,000,512 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2010/11/11 00:06:08 | 000,000,355 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2010/11/07 22:45:13 | 000,022,528 | ---- | M] () -- C:\Documents and Settings\personne\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/11/06 22:07:41 | 000,001,619 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\McAfee Security Scan Plus.lnk
[2010/11/06 22:07:41 | 000,001,611 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk
[2010/11/06 21:42:21 | 000,001,370 | ---- | M] () -- C:\Documents and Settings\personne\Bureau\Aller sur MSN.fr.lnk
[2010/11/06 21:42:20 | 000,001,093 | ---- | M] () -- C:\Documents and Settings\personne\Menu Démarrer\Programmes\Démarrage\Notification de cadeaux MSN.lnk
[2010/11/06 13:10:40 | 000,001,632 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/11/05 23:21:25 | 000,000,777 | ---- | M] () -- C:\Documents and Settings\personne\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2010/11/05 23:21:25 | 000,000,759 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Picasa 3.lnk
[2010/10/31 18:23:59 | 000,500,482 | ---- | M] () -- C:\WINDOWS\System32\perfh00C.dat
[2010/10/31 18:23:59 | 000,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/10/31 18:23:59 | 000,080,508 | ---- | M] () -- C:\WINDOWS\System32\perfc00C.dat
[2010/10/31 18:23:59 | 000,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/10/29 16:03:58 | 000,000,372 | ---- | M] () -- C:\Documents and Settings\personne\Mes documents\spider.sav
[2010/10/21 08:32:04 | 000,001,744 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2010/11/15 17:10:20 | 000,050,074 | ---- | C] () -- C:\Documents and Settings\personne\.recently-used.xbel
[2010/11/15 13:49:38 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Malwarebytes' Anti-Malware.lnk
[2010/11/11 00:06:08 | 000,000,355 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/11/06 22:07:41 | 000,001,619 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\McAfee Security Scan Plus.lnk
[2010/11/06 21:42:21 | 000,001,370 | ---- | C] () -- C:\Documents and Settings\personne\Bureau\Aller sur MSN.fr.lnk
[2010/11/06 21:42:20 | 000,001,093 | ---- | C] () -- C:\Documents and Settings\personne\Menu Démarrer\Programmes\Démarrage\Notification de cadeaux MSN.lnk
[2010/11/05 23:21:25 | 000,000,777 | ---- | C] () -- C:\Documents and Settings\personne\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk
[2010/11/05 23:21:25 | 000,000,759 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Bureau\Picasa 3.lnk
[2010/11/01 22:07:47 | 000,001,611 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\Démarrage\McAfee Security Scan Plus.lnk
[2010/10/29 09:58:16 | 000,001,502 | ---- | C] () -- C:\Documents and Settings\personne\Bureau\Spider Solitaire (2).lnk
[2010/10/03 10:59:31 | 000,051,370 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/03/21 11:24:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MSREGUSR.INI
[2010/03/10 20:56:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2010/03/09 13:29:21 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2010/02/15 18:28:33 | 000,290,918 | ---- | C] () -- C:\WINDOWS\System32\Install7x.dll
[2010/01/29 23:00:32 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\mtkjpeg.dll
[2009/07/29 16:53:30 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdivs.dll
[2009/07/29 16:53:28 | 000,344,064 | ---- | C] () -- C:\WINDOWS\System32\lxdicoin.dll
[2009/07/29 16:52:50 | 000,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxdidrs.dll
[2009/07/29 16:52:50 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\lxdicnv4.dll
[2009/07/29 16:52:50 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxdicaps.dll
[2009/07/29 16:51:55 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\lxdiinst.dll
[2009/07/29 16:51:53 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdigrd.dll
[2009/06/12 23:20:59 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2008/07/05 02:04:49 | 000,022,528 | ---- | C] () -- C:\Documents and Settings\personne\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/02/04 17:23:10 | 000,693,792 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.DLL
[2007/03/06 16:50:30 | 001,669,664 | ---- | C] () -- C:\WINDOWS\System32\drivers\Lvckap.sys
[2003/05/23 18:58:42 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/05/23 17:20:17 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2003/05/23 17:19:51 | 000,032,768 | R--- | C] () -- C:\WINDOWS\SIS_LIB.DLL
[1999/01/27 12:39:06 | 000,065,024 | ---- | C] () -- C:\WINDOWS\System32\indounin.dll
[1997/06/13 06:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2009/10/14 21:14:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Far Mills
[2010/06/10 16:10:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Alawar Entertainment
[2009/12/03 21:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Alawar Stargaze
[2009/07/03 10:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Astar Games
[2010/04/16 20:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\BanzaiInteractive
[2010/01/22 22:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Becky Brogan
[2009/11/04 18:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\CasualForge
[2010/03/09 13:38:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\EPSON
[2009/09/29 13:28:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\EscapeFromParadise2
[2009/09/22 17:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\EscapeTheMuseum
[2009/08/26 13:56:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\FarmFrenzy2
[2009/09/23 17:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\FarmFrenzy3
[2010/03/16 15:50:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\FarmFrenzy3_Arctica
[2010/05/27 23:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\FarmFrenzy3_Russia
[2010/06/04 22:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Flood Light Games
[2010/11/06 12:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Floodlight Games
[2009/08/12 10:28:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\FreshGames
[2009/11/12 21:42:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Fugazo
[2009/08/23 21:21:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Gamerizon
[2009/07/09 20:54:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\GamesBar
[2009/11/22 21:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\GOA
[2009/08/10 09:53:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\GoBit Games
[2009/10/22 10:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Gogii
[2009/07/04 12:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Gogii Games
[2009/10/04 21:07:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\HiddenSecretsNightmare
[2010/04/14 16:35:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\HoverBee Studios
[2010/04/16 11:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\InterAction studios
[2010/06/15 13:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\JollyBear
[2010/07/15 23:20:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Merscom
[2010/06/04 23:23:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Million
[2009/06/20 20:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MinigolfAdventures
[2009/11/18 17:21:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MumboJumbo
[2010/06/10 16:46:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Namco
[2009/10/22 20:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\NannyMania
[2010/04/16 12:58:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nevosoft
[2010/03/01 18:40:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\oberon
[2010/09/06 18:35:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PlayFirst
[2010/04/02 11:04:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Playrix Entertainment
[2009/12/01 18:39:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PoBros
[2010/10/06 08:03:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sandlot Games
[2010/04/02 11:10:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ShinyTales
[2010/10/04 09:23:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Soccer-Cup-Solitaire
[2009/11/07 22:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SpinTop Games
[2009/09/18 14:08:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SugarGames
[2010/11/06 13:36:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2009/11/04 22:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\UClick
[2010/03/09 13:34:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\UDL
[2009/09/07 20:59:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WinZip
[2010/02/17 18:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\1morebee
[2010/02/12 21:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Alawar
[2010/06/10 16:10:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Alawar Entertainment
[2009/11/13 14:12:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Argonyt
[2010/06/07 20:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Arkadium
[2010/06/09 21:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Artogon
[2010/06/01 10:56:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Awem
[2009/08/09 15:23:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Babylonia
[2010/04/16 20:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\BanzaiInteractive
[2009/09/17 20:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Be a King
[2009/09/21 16:06:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Big Fish Games
[2009/07/14 18:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\BlamGames
[2009/07/06 16:21:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\BloodTies
[2009/08/24 10:31:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Boolat Games
[2009/06/19 21:05:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\BottleBuster
[2009/09/17 20:40:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\BrandX Games
[2009/11/04 18:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\CasualForge
[2009/09/18 16:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\CupcakeCafe
[2010/02/12 21:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\EleFun Games
[2010/03/10 11:26:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Epson
[2010/06/04 22:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Flood Light Games
[2010/11/06 12:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Floodlight Games
[2010/10/19 21:24:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\freshgames
[2009/11/18 18:14:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Friday's games
[2009/09/30 16:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\funkitron
[2009/09/23 11:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\GameInvest
[2010/09/01 10:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Gestalt Games
[2008/12/06 08:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\GetRightToGo
[2010/08/16 10:00:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Go-Go Gourmet Chef of the Year
[2009/11/22 21:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\GOA
[2009/07/04 12:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Gogii Games
[2009/09/16 16:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\GraveyardShift
[2010/11/02 21:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\gtk-2.0
[2009/07/14 18:58:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Hidden Island Data
[2009/11/22 22:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\HSA
[2010/11/15 16:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Icones
[2010/07/09 15:38:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Jane s Hotel
[2010/06/11 22:27:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\JoyBits
[2009/07/29 16:59:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Lexmark Productivity Studio
[2009/08/24 18:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Meridian93
[2010/07/15 23:20:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Merscom
[2009/10/17 21:11:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\MissTeriTale3
[2003/06/02 14:31:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\MSNInstaller
[2009/11/18 17:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\MysteryStudio
[2010/06/15 14:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Namco
[2010/09/01 10:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\NevoSoft Games
[2009/11/03 21:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\oberon
[2010/11/06 21:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Orange
[2009/08/26 14:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\panoramik
[2009/08/11 14:18:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Peace Craft
[2009/07/02 10:43:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\PetRush
[2010/09/06 18:35:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\PlayFirst
[2009/12/01 17:52:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Playrix Entertainment
[2009/12/01 18:39:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\PoBros
[2009/09/19 18:39:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Pogo Games
[2009/06/23 22:06:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\RobinsonCrusoe
[2010/06/10 21:55:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Settlement. Colossus
[2009/06/08 10:31:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\SprillBermudeEng
[2009/11/09 18:48:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\SquareLogic
[2009/11/18 18:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Trio
[2009/11/04 22:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\UClick
[2009/11/18 18:09:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\V-Games
[2010/05/18 10:48:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\VampireSaga
[2009/09/22 21:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\World-LooM
[2010/04/14 14:35:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\YoudaGames
[2010/11/12 19:01:00 | 000,000,512 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Custom Scans ==========[/color]
 
 
[color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
[2010/05/28 09:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
[2010/06/10 16:10:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Alawar Entertainment
[2009/12/03 21:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Alawar Stargaze
[2009/07/03 10:00:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Astar Games
[2010/04/16 20:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\BanzaiInteractive
[2010/01/22 22:24:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Becky Brogan
[2009/11/04 18:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\CasualForge
[2010/03/09 13:38:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\EPSON
[2009/09/29 13:28:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\EscapeFromParadise2
[2009/09/22 17:19:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\EscapeTheMuseum
[2009/08/26 13:56:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\FarmFrenzy2
[2009/09/23 17:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\FarmFrenzy3
[2010/03/16 15:50:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\FarmFrenzy3_Arctica
[2010/05/27 23:09:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\FarmFrenzy3_Russia
[2010/06/04 22:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Flood Light Games
[2010/11/06 12:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Floodlight Games
[2009/08/12 10:28:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\FreshGames
[2009/11/12 21:42:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Fugazo
[2009/08/23 21:21:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Gamerizon
[2009/07/09 20:54:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\GamesBar
[2009/11/22 21:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\GOA
[2009/08/10 09:53:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\GoBit Games
[2009/10/22 10:52:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Gogii
[2009/07/04 12:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Gogii Games
[2009/06/06 12:47:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google
[2009/10/04 21:07:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\HiddenSecretsNightmare
[2010/04/14 16:35:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\HoverBee Studios
[2010/04/16 11:50:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\InterAction studios
[2010/06/15 13:45:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\JollyBear
[2009/09/11 18:01:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
[2010/11/15 13:49:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
[2010/11/01 22:07:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee
[2010/11/01 22:07:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee Security Scan
[2010/07/15 23:20:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Merscom
[2010/11/01 17:17:53 | 000,000,000 | --SD | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
[2010/06/04 23:23:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Million
[2009/06/20 20:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MinigolfAdventures
[2009/11/18 17:21:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\MumboJumbo
[2010/06/10 16:46:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Namco
[2009/10/22 20:44:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\NannyMania
[2010/04/16 12:58:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nevosoft
[2010/02/13 18:05:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton
[2009/09/09 17:03:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\NortonInstaller
[2010/03/01 18:40:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\oberon
[2010/09/06 18:35:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PlayFirst
[2010/04/02 11:04:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Playrix Entertainment
[2009/12/01 18:39:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\PoBros
[2010/10/06 08:03:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sandlot Games
[2010/04/02 11:10:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ShinyTales
[2010/10/04 09:23:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Soccer-Cup-Solitaire
[2009/11/07 22:38:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SpinTop Games
[2010/02/13 17:54:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
[2009/09/18 14:08:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\SugarGames
[2010/06/02 11:33:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sun
[2009/09/09 17:03:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec
[2010/11/06 13:36:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
[2009/11/04 22:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\UClick
[2010/03/09 13:34:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\UDL
[2003/06/02 14:41:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Genuine Advantage
[2009/09/07 20:59:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WinZip
[2008/11/19 12:58:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller
 
[color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
[2007/01/11 22:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\All Users.WINDOWS\Application Data\EPSON\EPW!3 SSRP\E_S40RP7.EXE
[2007/12/17 22:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Documents and Settings\All Users.WINDOWS\Application Data\EPSON\EPW!3 SSRP\E_S40ST7.EXE
 
[color=#A23BEC]< %APPDATA%\*. >[/color]
[2010/02/17 18:56:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\1morebee
[2010/05/28 09:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Adobe
[2010/02/12 21:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Alawar
[2010/06/10 16:10:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Alawar Entertainment
[2009/11/13 14:12:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Argonyt
[2010/06/07 20:21:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Arkadium
[2010/06/09 21:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Artogon
[2010/06/01 10:56:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Awem
[2009/08/09 15:23:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Babylonia
[2010/04/16 20:52:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\BanzaiInteractive
[2009/09/17 20:15:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Be a King
[2009/09/21 16:06:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Big Fish Games
[2009/07/14 18:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\BlamGames
[2009/07/06 16:21:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\BloodTies
[2009/08/24 10:31:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Boolat Games
[2009/06/19 21:05:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\BottleBuster
[2009/09/17 20:40:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\BrandX Games
[2009/11/04 18:56:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\CasualForge
[2009/09/18 16:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\CupcakeCafe
[2010/02/12 21:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\EleFun Games
[2010/03/10 11:26:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Epson
[2010/06/04 22:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Flood Light Games
[2010/11/06 12:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Floodlight Games
[2010/10/19 21:24:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\freshgames
[2009/11/18 18:14:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Friday's games
[2009/09/30 16:41:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\funkitron
[2009/09/23 11:30:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\GameInvest
[2010/09/01 10:24:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Gestalt Games
[2008/12/06 08:45:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\GetRightToGo
[2010/08/16 10:00:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Go-Go Gourmet Chef of the Year
[2009/11/22 21:44:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\GOA
[2009/07/04 12:21:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Gogii Games
[2008/06/03 17:48:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Google
[2009/09/16 16:55:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\GraveyardShift
[2010/11/02 21:33:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\gtk-2.0
[2003/05/23 17:21:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Help
[2009/07/14 18:58:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Hidden Island Data
[2009/11/22 22:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\HSA
[2010/11/15 16:04:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Icones
[2003/05/23 17:16:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Identities
[2010/03/09 13:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\InstallShield
[2010/07/09 15:38:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Jane s Hotel
[2010/06/11 22:27:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\JoyBits
[2009/07/29 16:59:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Lexmark Productivity Studio
[2008/07/09 10:44:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Macromedia
[2010/11/15 13:49:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Malwarebytes
[2009/08/24 18:16:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Meridian93
[2010/07/15 23:20:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Merscom
[2010/11/06 21:42:19 | 000,000,000 | --SD | M] -- C:\Documents and Settings\personne\Application Data\Microsoft
[2009/10/17 21:11:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\MissTeriTale3
[2008/07/04 08:43:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Mozilla
[2003/06/02 14:31:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\MSNInstaller
[2009/11/18 17:14:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\MysteryStudio
[2010/06/15 14:19:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Namco
[2010/09/01 10:15:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\NevoSoft Games
[2009/11/03 21:44:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\oberon
[2010/11/06 21:18:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Orange
[2009/08/26 14:56:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\panoramik
[2009/08/11 14:18:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Peace Craft
[2009/07/02 10:43:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\PetRush
[2010/09/06 18:35:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\PlayFirst
[2009/12/01 17:52:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Playrix Entertainment
[2009/12/01 18:39:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\PoBros
[2009/09/19 18:39:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Pogo Games
[2010/07/09 14:10:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Realore 3 Days Zoo Mystery
[2010/06/17 17:08:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Realore DressUpRush
[2009/06/23 22:06:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\RobinsonCrusoe
[2010/06/10 21:55:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Settlement. Colossus
[2009/06/08 10:31:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\SprillBermudeEng
[2009/11/09 18:48:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\SquareLogic
[2010/06/02 11:31:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Sun
[2009/11/18 18:17:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\Trio
[2009/11/04 22:12:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\UClick
[2009/11/18 18:09:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\V-Games
[2010/05/18 10:48:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\VampireSaga
[2009/09/22 21:48:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\World-LooM
[2010/04/14 14:35:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\personne\Application Data\YoudaGames
 
[color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
[2010/10/03 10:59:57 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\personne\Application Data\Microsoft\Installer\{35725FBC-A136-4A46-9F29-091759D9BB93}\ARPPRODUCTICON.exe
[2010/02/15 18:23:30 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\personne\Application Data\Microsoft\Installer\{5CA72DC6-1043-4BDA-A128-C18200FF7ABA}\ARPPRODUCTICON.exe
[2010/10/03 11:00:21 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\personne\Application Data\Microsoft\Installer\{BEF726DD-4037-4214-8C6A-E625C02D2870}\ARPPRODUCTICON.exe
[2010/10/03 10:59:47 | 000,010,134 | R--- | M] () -- C:\Documents and Settings\personne\Application Data\Microsoft\Installer\{EA516024-D84D-41F1-814F-83175A6188F2}\ARPPRODUCTICON.exe
[2010/11/06 21:42:19 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\personne\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
[2010/11/06 21:42:20 | 000,086,576 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\personne\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe
[2010/11/06 21:42:20 | 000,132,672 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\personne\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe
[2003/06/02 14:31:49 | 000,826,856 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\personne\Application Data\MSNInstaller\msnauins.exe
[2010/11/06 21:18:53 | 000,155,913 | ---- | M] () -- C:\Documents and Settings\personne\Application Data\Orange\OrangeInside\uninstall.exe
[2009/11/13 14:03:38 | 000,152,576 | ---- | M] () -- C:\Documents and Settings\personne\Application Data\Orange\OrangeInside\install\Launch.exe
[2010/09/22 16:48:38 | 000,201,728 | ---- | M] () -- C:\Documents and Settings\personne\Application Data\Orange\OrangeInside\install\Uninstall.exe
[2010/09/22 16:48:36 | 000,858,624 | ---- | M] (Orange) -- C:\Documents and Settings\personne\Application Data\Orange\OrangeInside\one\OrangeInside.exe
 
[color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
 
 
[color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
[2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/04/13 19:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\agp440.sys
 
[color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
[2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/13 19:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\atapi.sys
[2004/08/03 21:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
 
[color=#A23BEC]< MD5 for: CDROM.SYS  >[/color]
[2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2008/04/13 19:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) MD5=1F4260CC5B42272D71F79E570A27A4FE -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\cdrom.sys
[2010/06/11 01:40:58 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\dllcache\cdrom.sys
[2010/06/11 01:40:58 | 000,062,592 | ---- | M] (Microsoft Corporation) MD5=7B53584D94E9D8716B2DE91D5F1CB42D -- C:\WINDOWS\system32\drivers\cdrom.sys
[2004/08/03 21:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\$NtUninstallKB952011$\cdrom.sys
 
[color=#A23BEC]< MD5 for: CHANGER.SYS  >[/color]
[2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
[2008/04/13 19:40:58 | 000,008,192 | ---- | M] (Microsoft Corporation) MD5=2A5815CA6FFF24B688C01F828B96819C -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\changer.sys
 
[color=#A23BEC]< MD5 for: DISK.SYS  >[/color]
[2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2004/08/03 21:59:56 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\system32\drivers\disk.sys
[2008/04/13 19:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\disk.sys
 
[color=#A23BEC]< MD5 for: EVENTLOG.DLL  >[/color]
[2004/08/19 15:09:26 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004/08/19 15:09:26 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=49B1376885340BF9EA0D99F71557B59A -- C:\WINDOWS\system32\eventlog.dll
[2008/04/14 03:33:24 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=4EC800BDF80521B0207BD2301DFC7D14 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\eventlog.dll
 
[color=#A23BEC]< MD5 for: EXPLORER.EXE  >[/color]
[2004/08/19 15:09:54 | 001,036,288 | ---- | M] (Microsoft Corporation) MD5=2A7BD330924252A2FD80344FC949BB72 -- C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
[2007/06/13 14:10:53 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=B795475444D6D57A572C14B9E1A29839 -- C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
[2007/06/13 14:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\explorer.exe
[2007/06/13 14:22:28 | 001,037,312 | ---- | M] (Microsoft Corporation) MD5=D0288319660EDCFED07C7E74C4EA38A5 -- C:\WINDOWS\system32\dllcache\explorer.exe
[2008/04/14 03:34:03 | 001,037,824 | ---- | M] (Microsoft Corporation) MD5=F2317622D29F9FF0F88AEECD5F60F0DD -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\explorer.exe
 
[color=#A23BEC]< MD5 for: NDIS.SYS  >[/color]
[2008/04/13 20:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) MD5=1DF7F42665C94B825322FAE71721130D -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\ndis.sys
[2004/08/03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004/08/03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys
 
[color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
[2008/04/14 03:33:34 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=04821179C3171554C1BD1F9888A113E2 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\netlogon.dll
[2004/08/19 15:09:38 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004/08/19 15:09:38 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D4CFAC76926C24E32B7F25A35C31BC6E -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 19:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 19:46:49 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ECD7791E0E9246CA5F218A19F3911EB9 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
 
[color=#A23BEC]< MD5 for: RASACD.SYS  >[/color]
[2002/08/30 13:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\dllcache\rasacd.sys
[2002/08/30 13:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) MD5=FE0D99D6F31E4FAD8159F690D68DED9C -- C:\WINDOWS\system32\drivers\rasacd.sys
 
[color=#A23BEC]< MD5 for: RDPWD.SYS  >[/color]
[2005/06/10 05:06:01 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=047BEA21274C8A4A233674A76C958C2C -- C:\WINDOWS\$hf_mig$\KB899591\SP2QFE\rdpwd.sys
[2008/04/14 03:34:54 | 000,139,656 | ---- | M] (Microsoft Corporation) MD5=6728E45B66F93C08F11DE2E316FC70DD -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\rdpwd.sys
[2005/06/10 05:11:22 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=B54CD38A9EBFBF2B3561426E3FE26F62 -- C:\WINDOWS\system32\dllcache\rdpwd.sys
[2005/06/10 05:11:22 | 000,139,528 | ---- | M] (Microsoft Corporation) MD5=B54CD38A9EBFBF2B3561426E3FE26F62 -- C:\WINDOWS\system32\drivers\rdpwd.sys
[2004/08/19 15:10:20 | 000,139,400 | ---- | M] (Microsoft Corporation) MD5=D4F5643D7714EF499AE9527FDCD50894 -- C:\WINDOWS\$NtUninstallKB899591$\rdpwd.sys
 
[color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
[2004/08/19 15:09:40 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004/08/19 15:09:40 | 000,186,368 | ---- | M] (Microsoft Corporation) MD5=58D439F6EF73A2D9288B204E819F4BBD -- C:\WINDOWS\system32\scecli.dll
[2008/04/14 03:33:40 | 000,187,392 | ---- | M] (Microsoft Corporation) MD5=973B36634C544948C663E8269AA1B3A3 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\scecli.dll
 
[color=#A23BEC]< MD5 for: SFLOPPY.SYS  >[/color]
[2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Sfloppy.sys
[2004/08/03 21:59:56 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=0D13B6DF6E9E101013A7AFB0CE629FE0 -- C:\WINDOWS\system32\drivers\sfloppy.sys
[2008/04/13 19:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) MD5=8E6B8C671615D126FDC553D1E2DE5562 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\sfloppy.sys
 
[color=#A23BEC]< MD5 for: SPLITTER.SYS  >[/color]
[2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:splitter.sys
[2006/06/14 09:47:46 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=0CE218578FFF5F4F7E4201539C45C78F -- C:\WINDOWS\Driver Cache\i386\splitter.sys
[2006/06/14 09:47:46 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=0CE218578FFF5F4F7E4201539C45C78F -- C:\WINDOWS\system32\dllcache\splitter.sys
[2006/06/14 09:47:46 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=0CE218578FFF5F4F7E4201539C45C78F -- C:\WINDOWS\system32\drivers\splitter.sys
[2004/08/04 00:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) MD5=8E186B8F23295D1E42C573B82B80D548 -- C:\WINDOWS\$NtUninstallKB920872$\splitter.sys
[2006/06/14 09:50:19 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=9BB1DD670CB7505A90FC4E61D4AA8227 -- C:\WINDOWS\$hf_mig$\KB920872\SP2QFE\splitter.sys
[2008/04/13 19:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) MD5=AB8B92451ECB048A4D1DE7C3FFCB4A9F -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\splitter.sys
 
[color=#A23BEC]< MD5 for: SWMIDI.SYS  >[/color]
[2008/04/13 19:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) MD5=8CE882BCC6CF8A62F2B2323D95CB3D01 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\swmidi.sys
[2001/08/17 23:00:52 | 000,054,272 | ---- | M] (Microsoft Corporation) MD5=94ABC808FC4B6D7D2BBF42B85E25BB4D -- C:\WINDOWS\system32\drivers\swmidi.sys
 
[color=#A23BEC]< MD5 for: TCPIP.SYS  >[/color]
[2008/06/20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2008/06/20 11:45:13 | 000,360,320 | ---- | M] (Microsoft Corporation) MD5=2A5554FC5B1E04E131230E3CE035C3F9 -- C:\WINDOWS\system32\drivers\tcpip.sys
[2007/10/30 17:53:32 | 000,360,832 | ---- | M] (Microsoft Corporation) MD5=64798ECFA43D78C7178375FCDD16D8C8 -- C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
[2008/06/20 11:44:42 | 000,360,960 | ---- | M] (Microsoft Corporation) MD5=744E57C99232201AE98C49168B918F48 -- C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[2007/10/30 18:20:55 | 000,360,064 | ---- | M] (Microsoft Corporation) MD5=90CAFF4B094573449A0872A0F919B178 -- C:\WINDOWS\$NtUninstallKB951748$\tcpip.sys
[2008/04/13 20:20:16 | 000,361,344 | ---- | M] (Microsoft Corporation) MD5=93EA8D04EC73A85DB02EB8805988F733 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\tcpip.sys
[2008/06/20 12:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=9AEFA14BD6B182D61E3119FA5F436D3D -- C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[2004/08/03 22:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
[2008/06/20 12:59:02 | 000,361,600 | ---- | M] (Microsoft Corporation) MD5=AD978A1B783B5719720CFF204B666C8E -- C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
 
[color=#A23BEC]< MD5 for: TDPIPE.SYS  >[/color]
[2004/08/19 15:10:20 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\WINDOWS\system32\dllcache\tdpipe.sys
[2004/08/19 15:10:20 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=38D437CF2D98965F239B0ABCD66DCB0F -- C:\WINDOWS\system32\drivers\tdpipe.sys
[2008/04/14 03:34:52 | 000,012,040 | ---- | M] (Microsoft Corporation) MD5=6471A66807F5E104E4885F5B67349397 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\tdpipe.sys
 
[color=#A23BEC]< MD5 for: TDTCP.SYS  >[/color]
[2008/04/14 03:34:53 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=C56B6D0402371CF3700EB322EF3AAF61 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\tdtcp.sys
[2004/08/19 15:10:20 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\WINDOWS\system32\dllcache\tdtcp.sys
[2004/08/19 15:10:20 | 000,021,896 | ---- | M] (Microsoft Corporation) MD5=ED0580AF02502D00AD8C4C066B156BE9 -- C:\WINDOWS\system32\drivers\tdtcp.sys
 
[color=#A23BEC]< MD5 for: USBPRINT.SYS  >[/color]
[2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbprint.sys
[2004/08/03 22:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A42369B7CD8886CD7C70F33DA6FCBCF5 -- C:\WINDOWS\system32\dllcache\usbprint.sys
[2004/08/03 22:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A42369B7CD8886CD7C70F33DA6FCBCF5 -- C:\WINDOWS\system32\drivers\usbprint.sys
[2008/04/13 19:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) MD5=A717C8721046828520C9EDF31288FC00 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\usbprint.sys
 
[color=#A23BEC]< MD5 for: USBSCAN.SYS  >[/color]
[2004/08/19 15:20:54 | 018,782,711 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:usbscan.sys
[2008/04/13 19:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A0B8CF9DEB1184FBDD20784A58FA75D4 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\usbscan.sys
[2004/08/03 21:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A6BC71402F4F7DD5B77FD7F4A8DDBA85 -- C:\WINDOWS\system32\dllcache\usbscan.sys
[2004/08/03 21:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) MD5=A6BC71402F4F7DD5B77FD7F4A8DDBA85 -- C:\WINDOWS\system32\drivers\usbscan.sys
 
[color=#A23BEC]< MD5 for: USERINIT.EXE  >[/color]
[2004/08/19 15:10:04 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=84717891F0734C611721F56C60B5FBC3 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004/08/19 15:10:04 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=84717891F0734C611721F56C60B5FBC3 -- C:\WINDOWS\system32\userinit.exe
[2008/04/14 03:34:26 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=E74DDB12188C2FF57A78624DBF7332FC -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\userinit.exe
 
[color=#A23BEC]< MD5 for: WINLOGON.EXE  >[/color]
[2004/08/19 15:10:06 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=123EEA158F74D0F67A51DCDF065D1091 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004/08/19 15:10:06 | 000,506,368 | ---- | M] (Microsoft Corporation) MD5=123EEA158F74D0F67A51DCDF065D1091 -- C:\WINDOWS\system32\winlogon.exe
[2008/04/14 03:34:28 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=DD73D6B9F6B4CB630CF35B438B540174 -- C:\WINDOWS\SoftwareDistribution\Download\44b6174a4a693136d02d4a7ecd7cbd54\winlogon.exe
 
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
 
[color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
[2004/08/19 14:52:22 | 000,070,688 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\mmsystem.dll
[2002/08/30 13:00:00 | 000,005,120 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\shell.dll
 
[color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles  >[/color]
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 16 bytes -> C:\Documents and Settings\personne\Mes documents\Shareaza Downloads:Shareaza.GUID

< End of report >


EDIT Skynet : rapport trop long divisé en deux.

[jeanmimigab]

hello,

* Fais un double-clic sur l'icône d'OTL pour le lancer
/!\ pour Vista/Seven fais un clic-droit sur l'icône d'OTL et choisis "Exécuter en tant qu'administrateur"

* Assure toi d'avoir fermé toutes les applications en court de fonctionnement.

* Quand la fenêtre d'OTL apparaît, assure toi que dans la section "Rapport" (en haut à droite) la case "Rapport minimal" soit cochée.

* Copies et colles le contenue de cette citation dans la partie inférieure d'OTL "Personnalisation"

:Files
C:\Documents and Settings\All Users.WINDOWS\Application Data\GamesBar
:Commands
[emptytemp]

* Cliques sur l'icône "Correction" (en haut à gauche) .
* Laisse le scan aller à son terme sans te servir du PC
* A la fin du scan un rapport va s'ouvrir "OTL.Txt"
* Copie et colle le rapports dans ta réponse stp...
* Au cas où, tu peux les retrouver dans le dossier C:\OTL ou sur ton bureau en fonction des cas rencontrés

ensuite...

Télécharge >>> AD-Remover <<< ( de C_XX ) sur ton bureau.

- Double-clique sur le fichier AD-R.exe pour lancer le tool.

- Pour Vista /Seven faire un cliques droit sur l'icône et choisir "Exécuter en tant qu'administrateur"

- Cliques sur "Nettoyer".

- Ensuite laisse le scan s'effectuer tranquillement sans te servir du PC

- Poste le rapport.txt qui s'ouvre.

au cas ou,le rapport est sauvegarder ici
C:\AD-Report-scan+"date"

Si jamais tu dois relancer AD-R.exe tu devras te servir du raccourci créer durant son installation

@++

[taz66410]

voici le rapport

Code: Tout sélectionner

======= RAPPORT D'AD-REMOVER 2.0.0.2,B | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 11/11/10 à 11:40
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [2]) -> Lancé à 21:32:38 le 15/11/2010, Mode normal

Microsoft Windows XP Professionnel Service Pack 2 (X86)
personne@PERSONNE-94C4EB ( )
 
============== ACTION(S) ==============



(!) -- Fichiers temporaires supprimés.


-- Fichier ouvert: C:\Documents and Settings\personne\Application Data\Mozilla\FireFox\Profiles\w4ao4bqi.default\Prefs.js --
-- Fichier Fermé --
 


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6.12 (fr)] **

-- C:\Documents and Settings\personne\Application Data\Mozilla\FireFox\Profiles\w4ao4bqi.default\User.js --
keyword.URL, hxxp://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata=

-- C:\Documents and Settings\personne\Application Data\Mozilla\FireFox\Profiles\w4ao4bqi.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\personne\\Mes documents\\Mes images\\gimp, damien
browser.search.defaultenginename, Bing
browser.search.defaulturl, hxxp://www.bing.com/search?FORM=IEFM1&q=
browser.search.selectedEngine, Bing
browser.startup.homepage, hxxp://fr.msn.com/
browser.startup.homepage_override.mstone, rv:1.9.2.12
keyword.URL, hxxp://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata=

========================================

** Internet Explorer Version [8.0.6001.18702] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Custom Search URL: 1
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 57 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 15/11/2010 (6306 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 15/11/2010 (1509 Octet(s))

Fin à: 21:33:45, 15/11/2010
 
============== E.O.F ==============


[jeanmimigab]

(CLEAN [2]) -> Lancé à 21:32:38 le 15/11/2010

tu as lancer AD Remover deux fois de suite..

poste le contenu du rapports c:\Ad-Report-CLEAN[1] stp...

[taz66410]

alors voila le rapport 1

Code: Tout sélectionner

======= RAPPORT D'AD-REMOVER 2.0.0.2,B | UNIQUEMENT XP/VISTA/7 =======

Mis à jour par TeamXscript le 11/11/10 à 11:40
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
Site web: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 21:23:59 le 15/11/2010, Mode normal

Microsoft Windows XP Professionnel Service Pack 2 (X86)
personne@PERSONNE-94C4EB ( )
 
============== ACTION(S) ==============


Dossier supprimé: C:\Documents and Settings\personne\Application Data\Mozilla\FireFox\Profiles\w4ao4bqi.default\conduit
Dossier supprimé: C:\Documents and Settings\personne\Local Settings\Application Data\Conduit
Dossier supprimé: C:\Program Files\Conduit
Dossier supprimé: C:\Documents and Settings\personne\Local Settings\Application Data\ConduitEngine

(!) -- Fichiers temporaires supprimés.


-- Fichier ouvert: C:\Documents and Settings\personne\Application Data\Mozilla\FireFox\Profiles\w4ao4bqi.default\Prefs.js --
-- Fichier Fermé --
 

Clé supprimée: HKLM\Software\Classes\CLSID\{242F8DFB-14A8-4424-BCEC-D8C7829B13E7}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{242F8DFB-14A8-4424-BCEC-D8C7829B13E7}
Clé supprimée: HKLM\Software\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Clé supprimée: HKLM\Software\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Clé supprimée: HKLM\Software\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Clé supprimée: HKLM\Software\Classes\TypeLib\{AD76633E-E50D-4844-9E7F-4DFBC7C18467}
Clé supprimée: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uvuvcelk
Clé supprimée: HKLM\Software\Classes\BandooCore.BandooCore
Clé supprimée: HKLM\Software\Classes\BandooCore.BandooCore.1
Clé supprimée: HKLM\Software\Classes\BandooCore.ResourcesMngr
Clé supprimée: HKLM\Software\Classes\BandooCore.ResourcesMngr.1
Clé supprimée: HKLM\Software\Classes\BandooCore.SettingsMngr
Clé supprimée: HKLM\Software\Classes\BandooCore.SettingsMngr.1
Clé supprimée: HKLM\Software\Classes\BandooCore.StatisticMngr
Clé supprimée: HKLM\Software\Classes\BandooCore.StatisticMngr.1
Clé supprimée: HKLM\Software\Classes\Oberontb.Band
Clé supprimée: HKLM\Software\Classes\Oberontb.Band.1
Clé supprimée: HKLM\Software\Classes\oberontb.GamesBarBHO
Clé supprimée: HKLM\Software\Classes\oberontb.GamesBarBHO.1
Clé supprimée: HKLM\Software\Classes\Toolbar.CT1460988
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2095689
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2542115
Clé supprimée: HKLM\Software\Classes\Toolbar.CT2567681
Clé supprimée: HKLM\Software\Classes\AppID\BandooCore.EXE
Clé supprimée: HKLM\Software\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Clé supprimée: HKLM\Software\bandoo
Clé supprimée: HKLM\Software\Conduit
Clé supprimée: HKLM\Software\conduitEngine
Clé supprimée: HKLM\Software\GamesBar
Clé supprimée: HKLM\Software\GamesBarSetup
Clé supprimée: HKCU\Software\Conduit
Clé supprimée: HKCU\Software\conduitEngine
Clé supprimée: HKCU\Software\GamesBar
Clé supprimée: HKCU\Software\PopCap
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Games-Attack
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\GamesBar
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Clé supprimée: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Clé supprimée: HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B2F56A0-C283-4397-A971-4DA4D6EE419F}
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Clé supprimée: HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Gamesbar
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A93C934-025B-4C3A-B38E-9654A7003239}
Clé supprimée: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F282B65-56BF-4BD1-A8B2-A4449A05863D}


============== SCAN ADDITIONNEL ==============

** Mozilla Firefox Version [3.6.12 (fr)] **

-- C:\Documents and Settings\personne\Application Data\Mozilla\FireFox\Profiles\w4ao4bqi.default\User.js --
keyword.URL, hxxp://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata=

-- C:\Documents and Settings\personne\Application Data\Mozilla\FireFox\Profiles\w4ao4bqi.default\Prefs.js --
browser.download.lastDir, C:\\Documents and Settings\\personne\\Mes documents\\Mes images\\gimp, damien
browser.search.defaultenginename, Bing
browser.search.defaulturl, hxxp://www.bing.com/search?FORM=IEFM1&q=
browser.search.selectedEngine, Bing
browser.startup.homepage, hxxp://fr.msn.com/
browser.startup.homepage_override.mstone, rv:1.9.2.12
keyword.URL, hxxp://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata=

========================================

** Internet Explorer Version [8.0.6001.18702] **

[HKCU\Software\Microsoft\Internet Explorer\Main]
AutoHide: yes
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Do404Search: 0x01000000
Enable Browser Extensions: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Show_ToolBar: yes
Start Page: hxxp://fr.msn.com/
Use Custom Search URL: 1
Use Search Asst: no

[HKLM\Software\Microsoft\Internet Explorer\Main]
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Delete_Temp_Files_On_Exit: yes
Local Page: C:\WINDOWS\system32\blank.htm
Search bar: hxxp://search.msn.com/spbasic.htm
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]
Tabs: res://ieframe.dll/tabswelcome.htm
Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 57 Fichier(s)
C:\Program Files\Ad-Remover\Backup: 14 Fichier(s)

C:\Ad-Report-CLEAN[1].txt - 15/11/2010 (4338 Octet(s))

Fin à: 21:25:19, 15/11/2010
 
============== E.O.F ==============


[jeanmimigab]

ok, c'est cool !

comment se comporte le pc maintenant ?

[taz66410]

1alors la cle wifi reste connecter, a part au demarage ou elle se connecte et déconnecte pendant 2 min mais apres ca va
2 il est toujour lent a l'ouverture de windos xp
3 il y a plus de fentre de pub qui s'ouvre
4 il rame beaucoup moin
5 je peut ouvrir mon msn, mais j'ai un probleme avec mais bon ca c'est autre chose
6 pour les diaporama je peut tjr pas les lire si ils ont ete envoyer via msn, mais je peut les lire si ils ont ete envoyer sur ma boite mail

[jeanmimigab]

ok,

on va vérifier quelque chose...

désactive ton Anti-virus le temps de faire ces manipulations.

>>Télécharge Winsockxpfix sur ton bureau et passe à la suite.

========================================================================================================

ensuite...

Télécharge Combofix sur ton Bureau (et pas ailleurs)en le renommant [b]avant qu'il n'atterrisse sur ton bureau. [/b]
pour cela fais un clic droit sur Combofix.exe ,choisis "enregistrer la cible du lien sous..." et renomme le en machin.exe pour l'emplacement choisis ton bureau et cliques sur "enregistrer"


Double clique ComboFix.exe pour démarrer le scan et suis les instructions indiquées par combofix.
Si Combofix te demande te demande l'autorisation de télécharger et installer la console de récupération Windows, acceptes et suis les instructions.
Lorsque le scan sera complet, un rapport apparaîtra, enregistre le sur ton bureau.
Redémarre impérativement ton pc !!
Copie/colle le rapport combofix dans ta prochaine réponse

NOTE : Le rapport se trouve également ici : C:\Combofix.txt
NOTE : Ne pas cliquer dans la fenêtre de Combofix durant l'analyse ; ceci provoquerait le gel du programme.

========================================================================================================

si a tout hasard ta connexion internet n'est plus active après le redémarrage du pc fait cela pour la réparer...

Fait un double clic sur l'icône de WinsockXPFix.


>>clique sur "Fix" > et si ton pc ne redémarre pas,redémarre le manuellement.

@++

[taz66410]

heu j'ai un probleme des que je telecharger Winsockxpfix j'ai perdu internet, alors je peut pas passer a la suite, comment faire, car meme en faisant comme tu dit elle revient pas

[taz66410]

voila j'ai retrouver ma connection

et voila le rapport combofix

Code: Tout sélectionner

ComboFix 10-11-15.05 - personne 16/11/2010   0:26.2.1 - x86
Microsoft Windows XP Professionnel  5.1.2600.2.1252.33.1036.18.511.252 [GMT 1:00]
Lancé depuis: c:\documents and settings\personne\Mes documents\Téléchargements\ComboFix.exe

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

((((((((((((((((((((((((((((((((((((   Autres suppressions   ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\etmt1.bat
C:\nkv.bat
c:\program files\Internet Explorer\SET7B.tmp
c:\program files\Internet Explorer\SET7C.tmp
c:\program files\Internet Explorer\SET9A.tmp
c:\program files\Internet Explorer\SET9B.tmp
c:\program files\Internet Explorer\SETCA.tmp
c:\program files\Internet Explorer\SETCE.tmp
c:\program files\Internet Explorer\SETCF.tmp
c:\program files\Internet Explorer\SETE9.tmp
c:\program files\Internet Explorer\SETEA.tmp
c:\windows\system32\_000013_.tmp.dll
E:\9keibj.exe
E:\ji83j.exe
E:\mi9al8rs.exe
E:\p6xebrnt.exe
E:\ws.exe

.
(((((((((((((((((((((((((((((   Fichiers créés du 2010-10-15 au 2010-11-15  ))))))))))))))))))))))))))))))))))))
.

2010-11-15 23:02 . 2006-01-18 13:55   290918   ----a-w-   c:\windows\system32\Install7x.dll
2010-11-15 23:02 . 2006-01-12 19:46   252928   ----a-w-   c:\windows\system32\drivers\rt73.sys
2010-11-15 23:02 . 2005-11-30 11:33   2048   ----a-w-   c:\windows\system32\drivers\rt73.bin
2010-11-15 23:02 . 2005-10-17 19:50   245376   ----a-w-   c:\windows\system32\drivers\rt2500usb.SYS
2010-11-15 23:02 . 2005-05-17 15:24   311296   ----a-w-   c:\windows\system32\AegisI5.exe
2010-11-15 23:01 . 2005-11-13 22:19   5632   ----a-w-   c:\program files\Fichiers communs\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2010-11-15 20:23 . 2010-11-15 20:23   --------   d-----w-   c:\program files\Ad-Remover
2010-11-15 12:49 . 2010-11-15 12:49   --------   d-----w-   c:\documents and settings\personne\Application Data\Malwarebytes
2010-11-15 12:49 . 2010-04-29 14:39   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-15 12:49 . 2010-11-15 12:49   --------   d-----w-   c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2010-11-15 12:49 . 2010-04-29 14:39   20952   ----a-w-   c:\windows\system32\drivers\mbam.sys
2010-11-15 12:49 . 2010-11-15 12:49   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
2010-11-15 12:26 . 2010-11-15 12:26   --------   d-----w-   C:\_OTL
2010-11-14 22:54 . 2010-11-14 22:54   --------   d-----w-   C:\UsbFix
2010-11-06 21:08 . 2010-11-06 21:08   --------   d-----w-   c:\documents and settings\NetworkService\Application Data\McAfee
2010-11-06 20:42 . 2010-11-06 20:42   135680   ----a-w-   c:\documents and settings\personne\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe
2010-11-06 19:56 . 2010-11-06 19:56   --------   d-----w-   c:\documents and settings\personne\Local Settings\Application Data\Orange
2010-11-06 19:49 . 2010-11-06 20:18   --------   d-----w-   c:\documents and settings\personne\Application Data\Orange
2010-11-06 11:08 . 2010-11-06 11:08   --------   d-----w-   c:\documents and settings\personne\Application Data\Floodlight Games
2010-11-06 11:08 . 2010-11-06 11:08   --------   d-----w-   c:\documents and settings\All Users.WINDOWS\Application Data\Floodlight Games
2010-11-06 10:55 . 2010-11-06 10:55   --------   d--h--w-   c:\windows\system32\GroupPolicy
2010-11-01 21:07 . 2010-11-01 21:07   --------   d-----w-   c:\documents and settings\All Users.WINDOWS\Application Data\McAfee
2010-11-01 21:07 . 2010-11-01 21:07   --------   d-----w-   c:\documents and settings\All Users.WINDOWS\Application Data\McAfee Security Scan
2010-11-01 21:07 . 2010-11-06 21:07   --------   d-----w-   c:\program files\McAfee Security Scan
2010-10-19 20:24 . 2010-10-19 20:24   --------   d-----w-   c:\documents and settings\personne\Application Data\freshgames
2010-10-19 20:18 . 2010-10-19 20:18   --------   d-----w-   c:\program files\Microsoft Sync Framework
2010-10-19 19:40 . 2010-10-19 19:40   --------   d-----w-   c:\documents and settings\personne\Local Settings\Application Data\Softonic_France

.
((((((((((((((((((((((((((((((((((   Compte-rendu de Find3M   ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-11-06 20:42 . 2008-11-19 11:58   86576   ----a-w-   c:\documents and settings\personne\Application Data\Microsoft\Services Windows Live\Raccourci Galerie de Photos Windows Live.exe
2010-11-06 20:42 . 2008-11-19 11:58   392728   ----a-w-   c:\documents and settings\personne\Application Data\Microsoft\Services Windows Live\Services Windows Live.dll
2010-11-06 20:42 . 2008-11-19 11:58   132672   ----a-w-   c:\documents and settings\personne\Application Data\Microsoft\Services Windows Live\Raccourci Windows Live Messenger.exe
2010-10-14 23:44 . 2010-10-14 23:44   4280320   ----a-w-   c:\windows\system32\GPhotos.scr
.

(((((((((((((((((((((((((((((((((   Points de chargement Reg   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}]
2009-10-15 08:53   165184   ----a-w-   c:\program files\SFR\Kit\SFRNavErrorHelper.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-10-01 68856]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2010-04-16 3872080]
"Connexion SFR 9props.exe"="c:\program files\SFR\Kit\9props.exe" [2009-10-15 959808]
"orangeinside"="c:\documents and settings\personne\Application Data\Orange\OrangeInside\one\OrangeInside.exe" [2010-09-22 858624]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-19 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2002-07-12 290816]
"SiSUSBRG"="c:\windows\SiSUSBrg.exe" [2002-04-26 102400]
"SoundMan"="SOUNDMAN.EXE" [2002-06-14 46592]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"lxdimon.exe"="c:\program files\Lexmark 3500-4500 Series\lxdimon.exe" [2007-07-16 434864]
"lxdiamon"="c:\program files\Lexmark 3500-4500 Series\lxdiamon.exe" [2007-07-16 25264]
"EEventManager"="c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe" [2008-12-04 665424]
"Autoconfigurateur WiFi SFR"="c:\program files\SFR\Kit\WiFi\9wifi.exe" [2009-10-15 357696]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 248040]
"LogitechCommunicationsManager"="c:\program files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-03-06 488984]
"LogitechQuickCamRibbon"="c:\program files\Labtec\WebCam10\WebCam10.exe" [2007-03-06 1060376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-19 15360]

c:\documents and settings\personne\Menu D‚marrer\Programmes\D‚marrage\
Event Reminder.lnk - c:\pmw\PMREMIND.EXE [1997-11-3 254128]
Notification de cadeaux MSN.lnk - c:\documents and settings\personne\Application Data\Microsoft\Notification de cadeaux MSN\lsnfier.exe [2010-11-6 135680]

c:\documents and settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\
Hama Wireless LAN Utility.lnk - c:\program files\Hama\Common\RaUI.exe [2010-11-16 610304]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute   REG_MULTI_SZ      \0

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Metin2_France\\metin2.bin"=
"c:\\WINDOWS\\system32\\lxdicoms.exe"=
"c:\\Program Files\\Lexmark 3500-4500 Series\\lxdiamon.exe"=
"c:\\Program Files\\Lexmark 3500-4500 Series\\App4R.exe"=
"c:\\Program Files\\Lexmark 3500-4500 Series\\lxdimon.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdipswx.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxditime.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdijswx.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\lxdiwbgw.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R2 lxdi_device;lxdi_device;c:\windows\system32\lxdicoms.exe -service --> c:\windows\system32\lxdicoms.exe -service [?]
R2 lxdiCATSCustConnectService;lxdiCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxdiserv.exe [29/07/2009 16:53 99248]
S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [27/08/2009 17:48 95744]
S3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [27/08/2009 17:48 51968]
S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [07/12/2009 21:08 99840]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15/01/2010 13:49 227232]
S3 netr73;RT73 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr73.sys [15/02/2010 18:18 247808]
S3 RTLWUSB;802.11g USB 2.0 Wireless LAN Adapter;c:\windows\system32\drivers\RTL8187.sys [06/06/2009 12:36 187392]
.
Contenu du dossier 'Tâches planifiées'
.
.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: ajouter cette page à vos favoris Orange - c:\documents and settings\personne\Application Data\Orange\OrangeInside\src\addfavorites_html\addfavorites.html
IE: envoyer le texte sélectionné par sms - c:\documents and settings\personne\Application Data\Orange\OrangeInside\src\sendsmsselectedtext_html\sendsmsselectedtext.html
IE: envoyer par sms - c:\documents and settings\personne\Application Data\Orange\OrangeInside\src\sendsms_html\sendsms.html
IE: envoyer un mail - c:\documents and settings\personne\Application Data\Orange\OrangeInside\src\sendmail_html\sendmail.html
IE: orange.fr - c:\documents and settings\personne\Application Data\Orange\OrangeInside\src\orange_html\orange.html
IE: rechercher le texte sélectionné - c:\documents and settings\personne\Application Data\Orange\OrangeInside\src\selectedsearch_html\selectedsearch.html
IE: traduire la page - c:\documents and settings\personne\Application Data\Orange\OrangeInside\src\translate_html\translate.html
IE: traduire le texte sélectionné - c:\documents and settings\personne\Application Data\Orange\OrangeInside\src\translateSelectedText_html\translateSelectedText.html
FF - ProfilePath - c:\documents and settings\personne\Application Data\Mozilla\Firefox\Profiles\w4ao4bqi.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - hxxp://fr.msn.com/
FF - prefs.js: keyword.URL - hxxp://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata=
FF - component: c:\documents and settings\personne\Application Data\Mozilla\Firefox\Profiles\w4ao4bqi.default\extensions\{59994074-c06d-4a75-9768-49e5a8c21264}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\personne\Application Data\Mozilla\Firefox\Profiles\w4ao4bqi.default\extensions\{59994074-c06d-4a75-9768-49e5a8c21264}\components\RadioWMPCore.dll
FF - component: c:\documents and settings\personne\Application Data\Mozilla\Firefox\Profiles\w4ao4bqi.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\FFExternalAlert.dll
FF - component: c:\documents and settings\personne\Application Data\Mozilla\Firefox\Profiles\w4ao4bqi.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}\components\RadioWMPCore.dll
FF - component: c:\program files\orange\ToolbarFR\FirefoxContainer\components\CCLCXPCOMBridge.dll
FF - plugin: c:\documents and settings\personne\Application Data\Mozilla\Firefox\Profiles\w4ao4bqi.default\extensions\{4D9AE42B-F4C0-40e6-AEDB-4EC6E42B77AF}\plugins\npOrangeInstaller.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----
FF - user.js: keyword.URL - hxxp://rws.search.ke.voila.fr/RW/S/opensearch_orange?rdata=
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqz9s", true); // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--fiqs8s", true); // Simplified
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--j6w193g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4a87g", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7c0a67fbc", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbqly7cvafr", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kpry57d", true);  // Traditional
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--kprw13d", true);  // Simplified
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHELINS SUPPRIMES - - - -

Toolbar-{4daac69c-cba7-45e2-9bc8-1044483d3352} - (no file)
HKLM-Run-BEWINTERNET-FR-DMGP-V2SessionManager - c:\program files\Orange\IEWInternet\SessionManager\SessionManager.exe
AddRemove-Eazel-FR Toolbar - c:\progra~1\Eazel-FR\UNWISE.EXE
AddRemove-myBabylon_English Toolbar - c:\progra~1\MYBABY~1\UNWISE.EXE
AddRemove-Softonic_France Toolbar - c:\progra~1\SOFTON~1\UNWISE.EXE



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-16 00:38
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'explorer.exe'(3956)
c:\windows\system32\browselc.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\WgaTray.exe
c:\windows\system32\lxdicoms.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\wscntfy.exe
c:\windows\SOUNDMAN.EXE
c:\program files\Fichiers communs\LogiShrd\LComMgr\LVComSX.exe
.
**************************************************************************
.
Heure de fin: 2010-11-16  00:44:38 - La machine a redémarré
ComboFix-quarantined-files.txt  2010-11-15 23:44

Avant-CF: 31 556 116 480 octets libres
Après-CF: 31 522 992 128 octets libres

- - End Of File - - 34D06CA7B1F9E9915CA38BEB40CCA063


[jeanmimigab]

hello,

Supprime via ajout/suppression de programme >> Mc Afee security scan


Installe Antivir , configure le comme sur la vidéo, fais un scan et poste le rapport, si des fichiers infectieux sont trouvé ne redémarre pas ton PC sans mon accord stp...poste juste le rapport et attends mes instructions
Tuto Vidéo et téléchargement chez mon ami Bobette Marlow
http://b.marlow.free.fr/antivir_de_avira.html

@++

[taz66410]

hello ok je fait ça de suite, car j'ai tjr mon probleme de connection internet qui ce connecte et deconnecte et de meme avec msn

[taz66410]

bon la pendant le scan ca ma trouver 3 virus et le scan et pas fini mais ca me demande ce que je dois faire, mettre en quarantaine, supprimer, renommer ou ignorer